Overview

overview

10

Static

static

10

Mars Steal...PC.exe

windows7-x64

10

Mars Steal...PC.exe

windows10-2004-x64

10

Mars Steal...nu.exe

windows7-x64

3

Mars Steal...nu.exe

windows10-2004-x64

3

mars_panel...n.html

windows7-x64

3

mars_panel...n.html

windows10-2004-x64

3

mars_panel...l.html

windows7-x64

3

mars_panel...l.html

windows10-2004-x64

3

mars_panel...te.ps1

windows7-x64

3

mars_panel...te.ps1

windows10-2004-x64

3

mars_panel...min.js

windows7-x64

3

mars_panel...min.js

windows10-2004-x64

3

mars_panel...nit.js

windows7-x64

3

mars_panel...nit.js

windows10-2004-x64

3

mars_panel...min.js

windows7-x64

3

mars_panel...min.js

windows10-2004-x64

3

mars_panel...n.html

windows7-x64

3

mars_panel...n.html

windows10-2004-x64

3

mars_panel...min.js

windows7-x64

3

mars_panel...min.js

windows10-2004-x64

3

mars_panel...min.js

windows7-x64

3

mars_panel...min.js

windows10-2004-x64

3

mars_panel...app.js

windows7-x64

3

mars_panel...app.js

windows10-2004-x64

3

mars_panel...min.js

windows7-x64

3

mars_panel...min.js

windows10-2004-x64

3

mars_panel...ker.js

windows7-x64

3

mars_panel...ker.js

windows10-2004-x64

3

mars_panel...min.js

windows7-x64

3

mars_panel...min.js

windows10-2004-x64

3

mars_panel...min.js

windows7-x64

3

mars_panel...min.js

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    13-12-2024 21:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mars_panel_v8/manul_panel.html

  • Size

    2.3MB

  • MD5

    4da0595d97fffabea58ffdb6cc493353

  • SHA1

    e5d10b384ecfea97b1ae7039aa4a5e8ff652a464

  • SHA256

    d6d3b257e3e35d9088a4051f612605c4459be0e7d5c27e687b82275331082fcf

  • SHA512

    51dcbbb1cd5c42c866f7b736e4bfa3663140bcbe6311f42d4ff57998e1ba80d32fbdd50a151ecdb2641d4860dedf05ae745b975b8d7ec3943d23dd744857dea0

  • SSDEEP

    24576:IrvtbbswNPXgPHhWsEkluvxS2t8Ga0z97owwc4JXtNrtb77WEYbBAExOSA7ii8Lh:YVSykl2c/GowwbLtbut47i56FAV2Opl

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\mars_panel_v8\manul_panel.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2988 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f7c114c3cb439f4e342f0fb3690652d

    SHA1

    6ed93ad7d5ab5842cb6de9a3c58809a9c234e3e6

    SHA256

    7e533787f5be07e0f41f8ef90a592ca976639ab8a67ae8eda2e71c91c2c394ca

    SHA512

    546d3b7e63f2f312e337e4e610b6f87437616b4fabbf2eeba9dc7d67c0a78011c9f5456828ce80301a60e33d44313d13dc9ff774c8da3cfa73128df7a5f8e9bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    110102499a4e02eaa33293a8f7ecaf58

    SHA1

    91dc7a31cc98341cd6ae994b362c377b866a7d80

    SHA256

    fc1117742ab505c502aea5a2a170a49ec547f813eefe50cd18f13a486b9c7a1f

    SHA512

    a435a6f800071f499ef142ee4bd94002403f290267093fcdf5ca26f07d9eb3c627d70eaa45866c0844226ffa8570dcee52b6b1c22c7e713c67e8089eca479582

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a7953db0e869830d94f6a9519ed866c

    SHA1

    a9bee63c51a40b38fa5b116205c0929d5328ec95

    SHA256

    91baf1fcc0fe818458dcd6013fc833d36b5d77bdaf05bf4aa0c7bbcd397ef770

    SHA512

    0eb58579cf6bb62b8dee6df21fc161d84a73b154b867c862dca0526c2848c0d73e078e6d072404c94bca880b3ed426accb3440e78464f17b41b17948c167eeb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5695598aef6011a410f152ce2a79532f

    SHA1

    40084ab399b353f4c494c4a45bf34f1b471fcfa8

    SHA256

    d6f87a967a7dc122f678aa9379bc18e20a7ce7fc36ca50a79654c45388c976d5

    SHA512

    d81327665332801455f5edb8d6820c198de891920cb2a1bed91b69b7495d091a9234181f954dca6a6c459f9f5067cc56b0a925248e866604acabd045808c8358

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81b2ae93ee289e0f7f38c7826000f25f

    SHA1

    0c4f41d7359edc879a5c29653205808af984dee2

    SHA256

    b3cdc6f8094c4cfde9c30609f6a554bc56193d391ff89f53af96a3427768cdbb

    SHA512

    1f2f90079f2467d831fb8b828cd8147085d555a120c40cbdeb10d07caafc6f11b185b54c932bad5c9e79853221eaf7e080fc9b6e47494391c38eaeeead1e12ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c8af7672cf5fb31f5c5aa518271171b

    SHA1

    a7d47ef680697a6c0fb8fc2bec348c60620ae2c2

    SHA256

    418a02eef17c6de9eeca576fbee12ae9e8a440d81842952419aa9706e5d5a710

    SHA512

    97839d3305f901f0a0ba9a5eb618bc31debaf9aa9f7e38788b5f3add8c80cd6b64b70b3389196c5d342ca96351867b8104a04b4a52538227b3ede97ae8141481

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d885f2ab89bf871bb98c988f2fb8fae

    SHA1

    9885d87bdf5f82f620d49ccc0047a794473a3814

    SHA256

    85221d41484268a414d5c23d55ab28e2633acf5be74da9f334d73676962aa8c3

    SHA512

    30e8d15b325e5ed35206748331b7948dd5136d7bfa464ec5d545951a93c6e4f316fd4e05bf5fc3b10117b7ccbf2a5db00906907e8e650739832de42c1228e8e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1d9ce93e5f684ee953c3b0c48ffafcd

    SHA1

    34c4b2ef7c88772b9cfb3deae7a834a1085006bd

    SHA256

    7eb7a785c1bca7408c4837742ca1e07debc209bdad0b708ec1d39f700dbc99a1

    SHA512

    224cc4ea6f9885a57f2c5cd0e5b9a2df8fcda80e45cd74eb9d60f46955e2dff84041861b511c3a3cd179083588ddff5ccdcc88f54da93a34842b085ac103798c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd6dca8779fe5f66879c5bdbb3435aa4

    SHA1

    f5af0abf68410038402c207f471c17bdd9a809a3

    SHA256

    f9faa3eb6a274199501c375b1ab189e2debc0926b985103601307c3c51315ccf

    SHA512

    7b59af31fdf8d973893515644a19fd29653cf915e5e00100986a3ca381f2cd5feb0ce5840be769df52d884c95e71c63ae0c5d03a8171ffe4a169fcaf8683b7ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f30046861512dfda3b629392a1bf8199

    SHA1

    3ca33db013928c987b9fb40a769ea580da959bf0

    SHA256

    e825a236df60b2b9bbf385e73595a2ec20b9fe02448b65eb3e43accb41b696dd

    SHA512

    6481a6133f56c26f6fa2656e57b3a44e155a022c7f3f801a887459ce24c400439a0bb18d5e97172d0c3eddb9fc136fb5aa68d625cfb00ee67112a2a32f89d8f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88e299e667495410ba106e416bcfd7a2

    SHA1

    78a564977e058d2bd113f84eb542139f8daf89e4

    SHA256

    ac2bbf85050e3e8a4d50d641d4278aceb2fc8d0c60ed16e5d80b31760c3e8849

    SHA512

    1e5b80bf60469360b0cb7b4bf63993e0ce0043323dcf5fb2de9b54c4545812889d1b1a6b2b980027f3b65061f61ee6d3b23367d22db002810b192b35d507de70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19e9a62f2a14ce7e1bce53b267c018ca

    SHA1

    9650e2a8f09201e77c57b8ca4b76e48f97d4df27

    SHA256

    7edc464b065adbdf8769b75a813a242e3128d6fd8d1d080112a85dc037fab188

    SHA512

    3baf5ed3561b3d86d9d31ce6c82cffe04fbe28d43c61aba01eeea58bef1cb66717f94845e46a0a35403ceb26b629550d8d06b561a286a7a1c801c28bcfdeca44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e92aa57a50a1bf9cbd6215edc098beb7

    SHA1

    139d1b034e47f2098533d1234548977c8a1476be

    SHA256

    bf155b571edc6ea1ba73fb6314f0e407d90690b9fa6a596bf0b216f048a88106

    SHA512

    7ba958037d0b03cdcd58cad150fe782b6b0378190e4b2841a6b216edfa019baea4f13f1a85b452e7770e9d0662db86ef50f42bf4a8e257ff8a6dad272e5ec839

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0e712fc23144107cfc44e100f508c6f

    SHA1

    2a249331896b5a248bc55eb20a744c991438b17b

    SHA256

    0af3cdaf2fa47a8b86defd4028f98d0048943c2bf61ea0e1f588fae9e255a570

    SHA512

    72d804861386e9410d667b8a88281838b3e81f5f41ec07efad882d5d0432070d1d5ae4bd905ab755624e2df9b473a414af2b9b39f36e912afc54a0c10bb3b1b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    324dc9e00b5d707a48c2c848f2e3c8b6

    SHA1

    e56dd4b86c826f6d450da5db1b22bf46618aa5c2

    SHA256

    56d6f3ef1b8bfdc9d4cc91671eef40bf68c41cdbdb04faf3844739ddcd4246eb

    SHA512

    c4451757a9b493ac4e3034231deccab0c763934f46eff30a2e1aa8e029deef5cece368929fb8b33bd11a220a8e91457832274ae5841b4e1aba954c4fdd01cf89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74a96f9138494c93240220e8df3b20d5

    SHA1

    0b4e9aa5ea3b6a52fb3c9a5ae4395d5648958943

    SHA256

    23051a3e74e716d46de4709668cc953a32d821ea399c4bfdb2e8541a78a4f823

    SHA512

    fe5ecbf9afa4eb284b2d8c13bf4e0ca1c31f59dad7ad15116f632b4ff74ab4b249ba8612642108149300c41d46ee573392c58a382523712c0f7a011713f58e63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42227b5328aa5e8a4e07395a9163819b

    SHA1

    b497d8558b54e49c74e69433ff15c68c33f556bd

    SHA256

    06234d7a841ec2c29646a43db54ca6c524f79ea9ccb6b3a96325111d0913676a

    SHA512

    14154272af685bd29e037937e578d23a00ef4841d85f372c1114fe5bbe440cb37de4d81083a621ff8da24c52e90a02100731666bbba39aca272f92febbf2bca2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6991ce5f798d90fb874fc83ffc8f3ffa

    SHA1

    a1a11db230bb057f9e4b944cdd8d3a009f1ad758

    SHA256

    acc7ac6613590c798accbfdf5f7e836ed4634af652b5ddee5e3fbd72eba72cca

    SHA512

    310b38a35276bb2540a94ad0e99f2c8a527a2fcfee532ab90dd2a247024c2d1e87c7e4aa9f1788218ccaad215b958f2d8be567cad91fca3353e0557b75bd1ca0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8329417fce953ca158d7d174ab4cdba6

    SHA1

    b1c64116fe4f74889d6386c46bccce3cb05e9639

    SHA256

    c8f153d8ea3d199b222f3e7ff4fb4fc21b764bff6420032835058a179cd28968

    SHA512

    7d7d38bda074fae6fb585baa55901235d9485bd214f27a71d8acd9a592a7053875b30c0b28ec2f73a3c418f667f12283863f738b212684d5e70da47ed9047546

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE8CC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE99A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit